This Saturday, files containing the personal data of 533 million Facebook users appeared on a small hacking forum. The data includes phone number, full name, Facebook ID number, current and previous location, date of birth, email address, account creation date, relationship status and bio. What sets this breach apart is that it includes hundreds of millions of phone numbers linked to their owners, including 10.8 million from Spain and from Latin American countries.
In January this data was being sold through Telegram: a bot in the messaging app offered these users' mobile numbers in exchange for payment. This Saturday Alon Gal, technical director of the cyberintelligence company Hudson Rock, found the complete database available for free.
Facebook says the data comes from a vulnerability patched in 2019, so the leaked information is at least a couple of years old. However, it is likely that many of those phone numbers are still active. The company has not yet clarified whether it notified those affected that their data was exposed or whether it plans to do so. EL PAÍS has asked Facebook for further clarification, so far without a response. In 2019 Facebook warned of the leak of a database with more than 400 million phone numbers along with the corresponding Facebook ID numbers. The files that have now appeared include much more detail.
The danger of this data goes beyond the hacking of Facebook accounts, since in principle no passwords are affected. Combining personal data makes social engineering attacks, such as phishing, much more effective. Receiving a generic SMS about a fake Post Office package is not the same as receiving one addressed to the recipient by name, with their date of birth or other personal details.
The database contains user information from 108 countries around the world. Australian Troy Hunt, creator of Have I Been Pwned, a site that collects leaked email addresses so people can check whether their account has been affected, has already loaded this dataset into his site. The relatively good news is that only 0.5% of users in this Facebook breach had their email address exposed, according to Hunt. He is now evaluating whether to include phone numbers on his website to further warn users that their phone number may be in the hands of cybercriminals.
In his thread, Hunt says he has heard of cases of more SMS messages addressed personally to victims, although he has no proof that they are associated with this breach. In an analysis focused on Spanish files, these are the figures found by the @ciberpolies account.
Eddie is an Australian news reporter with over 9 years in the industry and has been published in Forbes and TechCrunch.